x icon


All presentation slides are archived on our github page - https://github.com/BSidesSG

BSides Singapore 2023

  • Keynote - My Journey: Driven by the Inspiration from Hackers in SF Novels by Asuka Nakajima
  • Breaking Barriers: Using XSS to Achieve RCE by Aden Yap Chuen Zhen, Ali Radzali
  • Developing a Linux Loadable Kernel Module based rootkit from scratch by Soumyanil Biswas
  • How I Learned to Stop Worrying and Build a Modern Detection & Response Program by Allyn Stott
  • Knock, Knock - Abusing Ephemeral Ports for Data Exfil and C2 by Hubert Lin
  • Three's company: Investigating an Espionage Campaign featuring Multiple Threat Actors by Lior Rochberger, Tom Fakterman
  • It's raining creds - crawling DockerHub for leaked secrets at scale by Aliz Hammond
  • How threat actors are Using AI and other modern tools to enhance their phishing attempts by Chetan Raghuprasad
  • AI Package Hallucination – Spreading Malicious Packages Using Generative AI by Bar Lanyado
  • Workshop 1: Endpoint Forensics - A Hands On Workshop by Surya Teja Masanam and Santhosh Baswa
  • Workshop 2: Secure Coding: Fix from the root by Gopika Subramanian and Hitesh Kumar

BSides Singapore 2022

  • Keynote - Case Studies in Embedded VR by Dr Silvio Cesare
  • Supply Chain Compromises - Understanding the Threat and Defending Your Organisation by Aaron Aubrey Ng
  • Once you POPTOP, you can’t stop. Putting the pieces together on a new and sophisticated APT malware by Billy James Velasco
  • Securing Kubernetes Deployment at Scale by Sohini Mukherjee
  • Malware Powered by Windows 11 No-Code by Michael Bargury
  • The call is coming from inside the building: Post-Exploitation with Kubernetes Webhooks by Abhay Bhargav
  • Uncovering 0-days in Healthcare Management Applications by Aden Yap Chuen Zhen, Sheikh Rizan and Muhammad Ali Akbar
  • HTTP Request Smuggling in the Multiverse of Parsing Flaws by Zhang Zeyu
  • Internal domain names: What are you hiding and what are you leaking? by Chen Zheng Wei and George Chen
  • Pwning Android Apps at Scale by Sparsh Kulshrestha and Shashank Shashank
  • 360-degree view of Lambda Security by Apoorva Jois and Kajal Nair
  • Hacking AppLocker cache by Grzegorz Tworek
  • Workshop 1: Introduction to Kubernetes by Koh William and Sven Schleier
  • Workshop 2: Lateral Movement Techniques in windows environment by Samaksh Kaushik and Hari Prasad

BSides Singapore 2021

  • Keynote - Who deserves Cybersecurity by Eva Galperin
  • Hunt the Beasts in the Bits A Proactive Approach by Meisam Eslahi
  • Hacking Modern Desktop apps with XSS and RCE by Abraham Aranguren
  • OAuth Bypass Technique by Sheikh Rizan
  • Finding the unknown before it finds you by Vandana Verma Sehgal
  • Intercepting Mobile App Network Traffic aka The Squirrel in the middle by Sven Schleier
  • Cybersecurity & The Board - Choosing success over the Sarlacc Pit by Brian Contos
  • Attacking and Defending Hybrid Active Directory Environments by Anurag Khanna, Thirumalai Natarajan
  • Ransomware and the eCrime Ecosystem by Aaron Aubrey Ng
  • The evolution of Android keystore by Gautamarvind Pandian, Vikas Gupta
  • h0neytr4p - How to catch the external threat actors with an easy to configure Honeypot by Subhash Popuri, Aakash Madaan
  • Practical offense and defence against 5G by Ali Abdollahi
  • Workshop 1: Hands On Attacking and Defending the Kubernetes Ecosystem by Vasant Chinnipilli
  • Workshop 2: Mobile Security Testing Guide Hands-On - iOS Edition by Sven Schleier
  • Workshop 3: Implementing One-Way Shellcoding in Windows x64 Systems by Arnold Anthony, Sristi Lakshmi Sravana Kumar
  • Workshop 4: Windows Forensics 101 for Beginners by Surya Teja Masanam

BSides Singapore 2020

  • Keynote - Security BSides, Cybersecurity, and the Future by Jack Daniel
  • Welcome the Shadowbunny Leveraging virtual machines during lateral movement to evade detections and persist by Johann Rehberge
  • Automating Threat Hunting on the Dark Web and other nitty-gritty things by Apurv Singh Gautam
  • Hacking Serverless Architectures by Keith Rozario
  • Making your SIEM great again - Augmenting your detection via simple machine learning by Elaine Hung
  • DarkCrewBot – The Return of the Bot Shop Crew by Adi Ikan & Ori Hamama
  • Chinese Cyber Crime: A Graph Approach by Aaron Shraberg
  • Eradicating Vulnerability Classes by Embracing Secure Defaults and Invariants by Luke O’Malley
  • Anatomy of Automated Account Takeovers by Tal Eliyahu and Begum Calguner
  • Auto-remediation in cloud: win the race against cyber criminals by Sapna Singh
  • Android Malware Adventures by Mert Can Coskuner & Kursat Oguzhan Akinci
  • Seccomp for developers - making your applications more secure by Alexander Reelsen

BSides Singapore 2019

  • Keynote - APAD: An EDR Grade Agent for Wi-Fi Access Points by Vivek Ramachandran
  • Pixel Heist – Pulling Corporate Files Out From Your Virtual Desktop Screens by Jeremy Soh
  • Leveraging Osquery for DFIR at Scale by Sohini Mukherjee
  • The Man-In-The-Middle Attack Against a Certain Password Manager by Soya Aoyama
  • Atomic Threat Coverage: Operationalized ATT&CK by Daniil Yugoslavskiy
  • Real-time Detection of ‘Module Stomping’ via Windows PFN Database by Aliz Hammond
  • The Changing Face of Supply Chain Security by Dharmesh Mehta & Neha Shukla
  • Deep Exploit: Fully Automatic Penetration Test Tool Using Machine Learning by Isao Takaesu
  • Popping 0days Out of a Thick Java Application: A Dive into Zimbra by An Trinh
  • How Smart is your Smart Contracts? by Shrutirupa Banerjiee
  • Workshop 1: Hacking and Securing Docker Containers by Srinivasa Rao Kotipalli & Abhijeth Dugginapeddi
  • Workshop 2: Offensive Red Teaming by Ajay Choudhary & Nitesh Malviya